I'm inserting some values into my database, which is working successfully. However when i insert a new value for an id that has a previous value, the old val isn't replaced by the new, instead they're kept both. I'm trying to update the function with an if/else statement (commented part). But still the same result.
$options = '';
$filter=mysql_query("select afnumber from employees WHERE Status='Employed '");
while($row = mysql_fetch_array($filter)) {
$options .="<option >" . $row['afnumber'] . "</option>";
}
$menu="<form id='filter' name='filter' method='post' action=''>
AFNumber : <select name='SelectAF' id='filter' style='color:grey;'>" . $options . "</select>
Added hours: <input type='text' name='AddedHours' style=' padding: 10px;border: solid 2px #c9c9c9; width:50px; height:2px;'>
<input type='submit' name='submit' value='Submit' style='width:80px; height:30px; text-align:center; padding:0px;'>
</form>
<br>
";
/* if(isset($_POST['submit'])){
$addedhours = $_POST['AddedHours'];
$selectaf = $_POST['SelectAF'];
if($addedhours == ""){
$sql="INSERT INTO `editedworkhours` (`AFNumber`,`AddedWH`) VALUES('$selectaf','$addedhours')";
$getResult =mysql_query($sql);
}
else{
$sql2 = "UPDATE editedworkhours SET AddedWH=$addedhours WHERE AFNumber=$selectaf";
$getResult =mysql_query($sql2);
}
}
echo $menu; */
echo '<div class="scrolldiv">';
try {
$conn = new PDO('mysql:host=localhost;dbname=hr', 'root', 'J546');
$conn->exec("set names utf8");
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$num_rows = $conn->query('SELECT COUNT(*) FROM employees')->fetchColumn();
$pages = new Paginator($num_rows,9,array(15,3,6,9,12,25,50,100,250,'All'));
echo $pages->display_pages();
echo "<span class=\"\">".$pages->display_jump_menu().$pages->display_items_per_page()."</span>";
$stmt = $conn->prepare("SELECT employees.afnumber,employees.name,employees.dateofemployment,employees.actualpost,employees.department FROM employees WHERE employees.status='Employed' AND (employees.afnumber LIKE '%$search%' OR employees.name LIKE '%$search%') ORDER BY employees.afnumber DESC LIMIT :start,:end");
$stmt->bindParam(':start', $pages->limit_start, PDO::PARAM_INT);
$stmt->bindParam(':end', $pages->limit_end, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchAll();
$ewhtable = "<table class='sortable'><tr><th>AFNumber</th><th>Employee Name</th><th>Years of Service</th><th>Actual Post</th><th>Department</th><th>Added Hours</th></tr>\n";
foreach($result as $row) {
$years=explode("/", $row[2]);
$years[2]=intval(date ('Y')) - $years[2];
$sql="SELECT addedwh FROM editedworkhours WHERE afnumber='$row[0]'";
$var = "";
$stmt = $conn->prepare($sql);
$stmt->execute();
$result2 = $stmt->fetchAll();
foreach ($result2 AS $row2) {
$var .= $row2['addedwh'] . "\n";
}
$ewhtable .= "<tr><td>$row[0]</td><td>$row[1]</td><td>$years[2]</td><td>$row[3]</td><td>$row[4]</td><td>$var</td></tr>\n";
}
$ewhtable .= "</table>\n";
echo $ewhtable;
exportTable(str_replace("&","",$ewhtable),"EmployeeWorkingHoursTable");
echo $pages->display_pages();
echo "<p class=\"paginate\">Page: $pages->current_page of $pages->num_pages</p>\n";
echo "</div>";
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}
If AddedHours input value has only a space, your comparison if($addedhours == "") will fail.
Always trim the values before comparison.
$addedhours = trim($_POST['AddedHours']);
Related
I have a problem with updating value with PHP, it can get the data that I input but it cannot update it and render it to the read page.
<?php
require_once("session.php");
require_once("included_functions.php");
require_once("database.php");
new_header("VinceT");
$mysqli = Database::dbConnect();
$mysqli->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (($output = message()) !== null) {
echo $output;
}
echo "<h3>Update A Order</h3>";
echo "<div class='row'>";
echo "<label for='left-label' class='left inline'>";
if (isset($_POST["submit"])) {
$stmt = $mysqli->prepare("UPDATE VTCustomer SET CustomerFName=? WHERE CustomerID=?");
$stmt->execute([$_POST["CustomerFName"],$_POST["CustomerID"]]);
$stmt1 = $mysqli->prepare("UPDATE VTCustomer SET CustomerLName=? WHERE CustomerID=?");
$stmt1->execute([$_POST["CustomerLName"],$_POST["CustomerID"]]);
if($stmt) {
$_SESSION["message"] = $_POST["CustomerFName"]." has been updated";
} else {
$_SESSION["message"] = "Error! Could not update ".$_POST["CustomerFName"];
}
redirect("read.php");
} else {
if (isset($_GET["id"]) && $_GET["id"] !== "") {
$stmt = $mysqli->prepare("SELECT OrderID FROM OrderVinceT WHERE OrderID=?");
$stmt->execute([$_GET["id"]]);
if ($stmt) {
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo "<h3>Order ".$row["OrderID"]." Information</h3>";
}
echo "<form method='POST' action='update.php'>";
echo "<input type = 'hidden' name = 'OrderID' value = ' ".$row['OrderID']." ' />";
$stmt1 = $mysqli->prepare("SELECT CustomerFName FROM VTCustomer WHERE CustomerID=?");
$stmt1->execute([$_GET["id"]]);
if ($stmt1) {
while ($row1 =$stmt1 -> fetch(PDO::FETCH_ASSOC)) {
echo "<p>Customer First Name: <input type='text' name='CustomerFName' value='".$row1["CustomerFName"]."'></p>";
}
}
$stmt5 = $mysqli->prepare("SELECT CustomerLName FROM VTCustomer NATURAL JOIN OrderVinceT WHERE OrderVinceT.CustomerID=?");
$stmt5->execute([$_GET["id"]]);
if ($stmt5) {
while ($row5 =$stmt5 -> fetch(PDO::FETCH_ASSOC)) {
echo "<p>Customer Last Name: <input type='text' name='CustomerLName' value='".$row5["CustomerLName"]."'></p>";
}
}
echo "<input type='submit' name='submit' value='Update Order' class='tiny round button'/>";
echo "</form>";
echo "<br /><p>«:<a href='read.php'>Back to Main Page</a>";
echo "</label>";
echo "</div>";
} else {
$_SESSION["message"] = "Order could not be found!";
redirect("read.php");
}
}
}
new_footer("VinceT");
Database::dbDisconnect($mysqli);
?>
Do you guys have any idia why I cannot update this? I test queries in the console and it works just fine. The if statement that render out the message still receive the value of the input but it cannot update the database that render out in read.php
I am trying to do a simple dropdown list on a table, however, my codes don't seem to be working, I was wondering if there any issue with the way I connect and retrieve? or its just my codes for the dropdown list is wrong. Here are the codes for it, below screenshot contains my database along with the place I want to put my dropdown list. Thanks for the time.
<?php
$mysqli = new mysqli(spf, dbuser, dbpw, db);
$stmt = $mysqli->prepare("Select sbranch_name from branches");
$result = $stmt->execute();
$stmt->bind_result($sbranch_name);
//while ($stmt->fetch())
//{
// $stmt .="<option>". $row['sbranch_name']. "</option>";
//echo '<input type="checkbox" name="sbranch_name[]" value="'.$sbranch_name.'". <br>';
// echo $stmt;
//}
if ($result->num_rows > 0) {
echo "<select name='sbranch_name'>";
while($row = $result->fetch_assoc()) {
echo "<option value='" . $row['sbranch_name'] . "'>" . $row['sbranch_name'] . "</option>";
}
echo "</select>";
}
$stmt->close();
$mysqli->close();
?>
try this code
using mysqli->query
<?php
$mysqli = new mysqli(spf, dbuser, dbpw, db);
$sql="Select sbranch_name from branches";
$result = $mysqli->query($sql);
//$stmt->bind_result($sbranch_name);
//while ($stmt->fetch())
//{
// $stmt .="<option>". $row['sbranch_name']. "</option>";
//echo '<input type="checkbox" name="sbranch_name[]" value="'.$sbranch_name.'". <br>';
// echo $stmt;
//}
if ($result->num_rows > 0) {
echo "<select name='sbranch_name'>";
while($row = $result->fetch_assoc()) {
echo "<option value='" . $row['sbranch_name'] . "'>" . $row['sbranch_name'] . "</option>";
}
echo "</select>";
}
//$stmt->close();
$mysqli->close();
?>
I think the issue in when you binding query, why dont you use below code.
$result = $mysqli->query("Select sbranch_name from branches");
if ($result->num_rows > 0) {
echo "<select name='images'>";
while($row = $result->fetch_assoc()) {
echo "<option value='" . $row['sbranch_name'] . "'>" . $row['sbranch_name'] . "</option>";
}
echo "</select>";
}
Okay I just changed it to $_POST and it's now working. I'm not sure if this is the shortcut method. At least it's working now. You can help me shrink the code if you want to help me. thanks
<?php
$conn = new mysqli('localhost', 'root', 'jared17', 'hbadb')
or die ('Cannot connect to db');
$result = $conn->query("select * from english");
echo "<html>";
echo "<body>";
echo "<form method = POST>";
echo "<select name = 'Students'>";
while ($row = $result->fetch_assoc()) {
$LRN = $row['LRN'];
$Last = $row['Last_Name'];
$First = $row['First_Name'];
$Lvl = $row['Level'];
$Q1 = $row['Q1'];
$Q2 = $row['Q2'];
$Q3 = $row['Q3'];
$Q4 = $row['Q4'];
$Final = $row['FINAL'];
echo '<option value="'.$LRN.'|'.$Last.', '.$First.'|'.$Lvl.'|'.$Q1.'|'.$Q2.'|'.$Q3.'|'.$Q4.'|'. $Final.'">'.$Last.', '.$First.'</option>';
}
echo "</select>";
echo "<input type='submit' name='submit' value='Show'>";
echo "</form>";
$show = $_POST['Students'];
$show_explode = explode('|', $show);
echo "<table><tr><th>LRN</th><th>Name</th><th>Level</th><th>Q1</th><th>Q2</th><th>Q3</th><th>Q4</th><th>Final</th></tr>";
echo "<tr><td>". $show_explode[0]."</td><td>". $show_explode[1]."</td><td>". $show_explode[2]."</td><td>". $show_explode[3]."</td><td>". $show_explode[4]."</td><td>". $show_explode[5]."</td><td>". $show_explode[6]."</td><td>". $show_explode[7]."</td></tr>";
echo "</table>";
echo "</body>";
echo "</html>";
?>
Don't put all the details in the option value like that. Just put the ID in the value.
echo "<select name = 'Students'>";
while ($row = $result->fetch_assoc()) {
$LRN = $row['LRN'];
$Last = $row['Last_Name'];
$First = $row['First_Name'];
echo '<option value="'.$LRN.'">'.$Last.', '.$First.'</option>';
}
echo "</select>";
Then look it up in the database when the form is submitted.
if (isset($_POST['Students'])) {
$lrn = $_POST['Students'];
$stmt = $conn->prepare("SELECT Last_Name, First_Name, Level, Q1, Q2, Q3, Q4, FINAL FROM english WHERE LRN = ?");
$stmt->bind_param('i', $lrn);
$stmt->execute();
$stmt->bind_result($last, $first, $level, $q1, $q2, $q3, $q4, $final);
$stmt->fetch();
echo "<table><tr><th>LRN</th><th>Name</th><th>Level</th><th>Q1</th><th>Q2</th><th>Q3</th><th>Q4</th><th>Final</th></tr>";
echo "<tr><td>$lrn</td><td>$last, $first</td><td>$level</td><td>$q1</td><td>$q2</td><td>$q3</td><td>$q4</td><td>$final</td></tr></table";
}
You can use $foreach for minimum code when deal with Array. Here code goes
if(isset($_POST['submit'])){
// after post a form ur code goes here
$show = $_POST['Students']; $show_explode = explode('|', $show);
echo "<table><tr>
<th>LRN</th>
<th>Name</th>
<th>Level</th>
<th>Q1</th>
<th>Q2</th>
<th>Q3</th>
<th>Q4</th>
<th>Final</th>
</tr>";
echo "<tr>";
foreach($show_explode as $value){
echo "<td>".$value."</td>";
}
echo "</tr></table>
}
I have the following two prepared statements. The db connection and queries are correct, I have tested them within phpmyadmin. I also tested inside of my while fetch loop to see if I am pulling the data I am supposed to be and I am.
The problem resides in my while and foreach loops or possibly my num rows statement. I am not sure what I am doing incorrectly in there.
I am getting this error:
Warning: mysqli::query() expects parameter 1 to be string, object given
For this while loop:
while ($row2 = $result->fetch_assoc() ) {
I am also getting my else statement..
echo "<p>This topic does not exist.</p>";
Even though the info is echoing out correctly, again I just think my loops are wrong?
Does anyone see what I am doing wrong in my loops?
$con = new mysqli("localhost", "", "", "");
if (mysqli_connect_errno()) {
throw new Exception("Connect failed: %s\n", mysqli_connect_error());
exit();
}
/* activate reporting */
$driver = new mysqli_driver();
try {
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$userid = ( isset( $_SESSION['user'] ) ? $_SESSION['user'] : "" );
echo $cid . "<br>";
echo $tid;
//Prepare
if ($stmt = $con->prepare("SELECT * FROM forum_topics WHERE `category_id`=? AND `id`=? LIMIT 1")) {
$stmt->bind_param("ii", $cid, $tid);
$stmt->execute();
$stmt->bind_result($topic_id, $category_id, $topic_title, $topic_creator, $topic_last_user, $topic_date, $topic_reply_date, $topic_views);
if (!$stmt) {
throw new Exception($con->error);
}
}
while ($row = $stmt->fetch()) {
$stmt->store_result();
$numrows = $stmt->num_rows;
echo $numrows;
}
if($numrows == 1){
echo "<table width='100%'>";
if ( $_SESSION['user'] ) {
echo "<tr><td colspan='2'><input type='submit' value='Add Reply' onclick=\"window.location =
'forum_post_reply.php?cid=".$cid."$tid=".$tid."'\"> <hr />";
} else {
echo "<tr><td colspan='2'><p>Please log in to add your reply</p><hr /></td></tr>";
}
}
foreach($stmt as $row) {
//Prepared SELECT stmt to get forum posts
if($stmt2 = $con->prepare("SELECT `id`, `category_id`, `topic_id`, `post_creator`, `post_content`, `post_date` FROM forum_posts WHERE `category_id`=? AND `topic_id`=?")) {
$stmt2->bind_param("ii", $cid, $tid);
$stmt2->execute();
$stmt2->bind_result($post_id, $post_category_id, $post_topic_id, $post_creator, $post_content, $post_date);
if (!$stmt2) {
throw new Exception($con->error);
}
}
}
if ($result = $con->query($stmt)) {
while ($row2 = $result->fetch_assoc() ) {
echo "<tr><td valign='top' style='border: 1px solid #000000;'>
<div style='min-height: 125px;'>".$row['topic_title']."<br />
by ".$row2['post_creator']." - " .$row2['post_date']. "<hr />" . $row2['post_content'] ."</div></td>
<td width='200' valign='top' align='center' style='border: 1px solid #000000;'>User Info Here!</td></tr>
<tr><td colspan='2'><hr /></td></tr>";
}
} else {
echo "<p>This topic does not exist.</p>";
}
}
catch (Exception $e)
{
echo "Error: " . $e->getMessage();
}
if you search on $stmt with ctrl-F in your browser (and ignoring $stmt2), you will notice that $stmt is a prepared statement all the way down to the error line. $stmt comes to life as a return type from prepare, is bound, and executed.
later on you:
if ($result = $con->query($stmt)) {
so $con->query() is expecting a string, not an object, no?
From the manual.
Not that there aren't other things to consider under a microscope, but I hope this narrowly answers the error message for you.
Edit:
Apparently, you cannot use bind_result with select *. Read the gents Accepted Answer to this question. He does 2 examples, 1 with 1 without select *. Also note store_result()
Here is the link to his answer that was upvoted quite a bit.
I have a simple program that I am trying to implement some sort of pagination/capability to navigate through individual records in a MySQL database. The code itself calls a function that returns an associative array so that the records may be navigated sequentially in the case of non-sequential indices being made by deletes.
function getKeys($handle, $user, $password) {
try {
$conn = new PDO($handle,$user,$password);
$conn -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
echo "Error connectiong to database. Error: (" . $e -> getMessage() . ")";
}
$sql = "Select Workstation_ID from Workstation";
$result = $conn -> query($sql);
$resultArray = array();
while ( $row = $result -> fetch()) {
$resultArray[] = $row;
}
$conn = null;
return $resultArray; }
I am attempting to store the result from this function into a variable and from there try to increment that variable for use in an other function:
$Keys = getKeys($dsn,$un,$pw);
$i = 0;
$currID = $Keys[$i][0];
$row = getResultSet($dsn,$un,$pw,$currID);
I would then use the $row to display the current workstation :
echo "<hr class='viewHR'>";
echo "</br></br><div class='viewFormat'>";
echo "<form name = 'updateWorkstationForm' action ='updateWorkstation.php' method ='post'>";
echo "<b>Workstation Name:</b><br><input type = 'Textbox' name = 'pcName' value = '" . $row['Workstation_Name'] . "'/></br>";
echo "<b>Serial Number: </b><br> <input type = 'Textbox' name = 'SN' value = '" . $row['Serial_Number'] . "'/></br>";
echo "<b>Model</b></br>";
echo "<select name ='modelSelect'>";
echo "<option value = '".$row['Model_ID'] . "'>" . $row['Model'] . "</option>";
echo "</select></br>";
echo "<b>Department</b></br>";
echo "<select name ='DepartmentSelect'>";
echo "<option value = '".$row['Department_ID'] . "'>" . $row['Department'] . " </option>";
echo "</select></br>";
I was wondering if I was going about this completely wrong or how I would approach incrementing the array's index to display each record on a click of an anchor tag or button the whole file is as follows :
<html>
<body>
<div>
<?php
$un = "xxx";
$pw = "xxxxxx";
$dsn = "mysql:host=127.0.0.1;dbname=xxxxxxxxxxx";
$Keys = getKeys($dsn,$un,$pw);
$i = 0;
$currID = $Keys[$i][0];
$row = getResultSet($dsn,$un,$pw,$currID);
echo "<hr class='viewHR'>";
echo "</br></br><div class='viewFormat'>";
echo "<form name = 'updateWorkstationForm' action ='updateWorkstation.php' method = 'post'>";
echo "<b>Workstation Name:</b><br> <input type = 'Textbox' name = 'pcName' value = '" . $row['Workstation_Name'] . "'/></br>";
echo "<b>Serial Number: </b><br> <input type = 'Textbox' name = 'SN' value = '" . $row['Serial_Number'] . "'/></br>";
echo "<b>Model</b></br>";
echo "<select name ='modelSelect'>";
echo "<option value = '".$row['Model_ID'] . "'>" . $row['Model'] . "</option>";
echo "</select></br>";
echo "<b>Department</b></br>";
echo "<select name ='DepartmentSelect'>";
echo "<option value = '".$row['Department_ID'] . "'>" . $row['Department'] . "</option>";
echo "</select></br>";
echo "<b>Room</b></br>";
echo "<select name ='RoomSelect'>";
echo "<option value = '".$row['Room_ID'] . "'>" . $row['Room'] . "</option>";
echo "</select></br>";
echo "<b>Property Status</b> </br>";
echo "<select name = 'propertyStatus'>";
echo "<option value = '".$row['Property_Status_ID'] . "'>" . $row['Property_Status'] . "</option>";
echo "</select></br>";
if ($row['Property_Status'] != "Owned"){
echo "<b>Lease Company:</b> ";
echo "<select name = leaseSelect>";
echo "<option value = '" . $row['Lease_Info_ID'] ."'>Company:" . $row['Company'] . ", Start: " . $row['Start_Date'] . "End: " .$row['End_Date'] . "</option>";
echo "</select></br>";
}
echo "<b>Cart</b></br>";
echo "<select name ='cartSelect'>";
echo "<option value = '".$row['Cart_ID'] . "'>" . $row['Cart_Type'] . "</option>";
echo "</select></br>";
echo "<b>Workstation Comments: </b><br> <Textarea rows='5' cols='60' name = 'wsComments'> ". $row['Workstation_Comment'] . " </Textarea></br>";
echo "<b>Location Comments: </b><br> <Textarea rows='5' cols='60' name = 'locComments'> ". $row['Workstation_Comment'] . " </Textarea></br>";
echo "<input type = 'submit' value = 'Update' />";
echo "<input type = 'button' value = 'Cancel' onclick = 'location.reload(this);' />";
echo "</form>";
echo "</div>";
/*Function to return a parallel array. This is so that non-sequential records in the database may be described sequentially with the help of an array's indices*/
function getKeys($handle, $user, $password) {
try {
$conn = new PDO($handle,$user,$password);
$conn -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
echo "Error connectiong to database. Error: (" . $e -> getMessage() . ")";
}
$sql = "Select Workstation_ID from Workstation";
$result = $conn -> query($sql);
$resultArray = array();
while ( $row = $result -> fetch()) {
$resultArray[] = $row;
}
$conn = null;
return $resultArray;
}
function getResultSet($handle, $user, $password, $ID) {
$resultSet = "";
try {
$conn = new PDO($handle,$user,$password);
$conn -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
echo "Error connectiong to database. Error: (" . $e -> getMessage() . ")";
}
$sql = "Select Workstation.Workstation_ID,Workstation.Model_ID,Workstation.Property_Status_ID,workstation.Lease_Info_ID, Workstation.Workstation_Name, Workstation.Serial_Number, Model.Model, Department.Department,Room.Room,Property_Status.Property_Status,Lease_Info.Start_Date,Lease_Info.End_Date,Lease_Info.Company,Lease_Info.Lease_Comment,Cart.Cart_Type,Workstation.Workstation_Comment,Workstation.Location_Comment from Workstation INNER JOIN Model ON Workstation.Model_ID = Model.Model_ID INNER JOIN Department ON Workstation.Department_ID = Department.Department_ID INNER JOIN Room ON Workstation.Room_ID = Room.Room_ID INNER JOIN Property_Status ON Workstation.Property_Status_ID = Property_Status.Property_Status_ID INNER JOIN Lease_Info ON Workstation.Lease_Info_ID = Lease_Info.Lease_Info_ID INNER JOIN Cart ON Workstation.Cart_ID = Cart.Cart_ID where Workstation_ID = :ID";
$pstmt = $conn -> prepare($sql);
if(!$pstmt) {
echo "Error preparing the statement. Error: (" . $conn -> ErrorInfo() . ")";
}
$pstmt -> bindParam(':ID', $ID);
try {
$pstmt -> execute();
}
catch(PDOException $e) {
echo "Failed to execute prepared Statement. Error: (" . $e -> getmessage() . ")";
}
$resultSet = $pstmt -> fetch();
return $resultSet;
$conn = null;
}
?>
</div>
</body>
</html>
Any criticism, insight, or pointers would be greatly appreciated.
You shouldn’t be fetching all records if you only intend to display a subset, or just one.
To paginate, use the LIMIT clause. So, if you split records into pages of ten, then to get the first page your query would be:
SELECT * FROM workstations LIMIT 0,10
Where the first number is the offset, and the second number is the number of records after the offset you wish to fetch. To fetch the second page, you’d change the limit clause to be LIMIT 10,10; to fetch the third page LIMIT 20,10, and so on. The PHP equation is:
$offset = (($page - 1) * $records_per_page);
The page value can come from a $_GET variable, like http://www.example.com/?page=1.
Secondly, if you’re only wanting to display one record, then fetch that one:
SELECT * FROM workstations WHERE id = ? LIMIT 1
Pass the ID via a $_GET parameter again, and use PDO to bind it to avoid SQL injection vulnerabilities:
<?php
$sql = "SELECT * FROM workstations WHERE id = :id LIMIT 1";
$sth = $db->prepare($sql);
$sth->bindParam(':id', $_GET['id'], PDO::PARAM_INT);
$sth->execute();
$row = $sth->fetchObject();